Moving current state to public repo in Orga

.gitattributes

@@ -0,0 +1,2 @@
+# Auto detect text files and perform LF normalization
+* text=auto

.gitignore

@@ -0,0 +1,32 @@
+# Logs
+logs
+*.log
+npm-debug.log*
+yarn-debug.log*
+yarn-error.log*
+yarn.lock
+
+# Coverage directory used by tools like istanbul
+coverage
+
+# nyc test coverage
+.nyc_output
+
+# Dependency directories
+node_modules/
+jspm_packages/
+
+# Optional npm cache directory
+.npm
+
+# Optional eslint cache
+.eslintcache
+
+# Yarn Integrity file
+.yarn-integrity
+
+# dotenv environment variables file
+.env
+
+# secret configuration
+config.json

README.md

@@ -0,0 +1,20 @@
+# ctcaldap
+ .. is a Church Tools Ldap Proxy and using many ideas and loc from the  https://github.com/milux/ctldap.git repository. Goal of the effort was to 
+   - refactor code so it is
+     - it is unit testable
+     - it is mockable
+     - offers better adaptability 
+   - support migrations from existing IDM (in case of Calvary Chapel Freiburg a pre-existing LDAP providing user authentication and groups to Nextcloud and Big Blue Button) by offering to
+     - filter groups 
+     - map groups
+     - fill fields depending on groups
+   - maybe allow different kinds of caching
+
+Like milux/ctladp it is heavily based on ldapjs.
+
+## Installation
+
+Node.js is required to run this software. http://nodejs.org/
+
+Get and install node, clone the repo and run `npm install` (`yarn`) to install dependancies. After that you can run the tests by `npm run test` (`yarn test`) or the cli by `node . `
+

config.example.json

@@ -0,0 +1,13 @@
+{
+  "name": "sitename",
+  "user": "",
+  "password": "",
+  "url": "https://sitename.church.tools/",
+  "selectionGroupIds": [],
+  "tranformedGroups": [
+    {
+      "gid": 0,
+      "name": "Group Name"
+    }
+  ]
+}

ctcaldap.config

@@ -0,0 +1,7 @@
+; logmode 0=none
+loglevel=0
+
+; This is required for clients using lowercase DNs, e.g. ownCloud/nextCloud
+dn_lower_case=true
+; This is required for clients that need lowercase email addresses, e.g. Seafile
+email_lower_case=true

index.js

@@ -0,0 +1,79 @@
+var fs = require("fs");
+var ini = require("ini");
+var path = require("path");
+
+exports.config = ini.parse(
+  fs.readFileSync(path.resolve(__dirname, "ctcaldap.config"), "utf-8")
+);
+
+const ldap = require("ldapjs");
+const server = ldap.createServer();
+
+server.search("o=example", (req, res, next) => {
+  const obj = {
+    dn: req.dn.toString(),
+    attributes: {
+      objectclass: ["organization", "top"],
+      o: "example",
+    },
+  };
+});
+
+var rootobj = {
+  dn: "dc=ccfreiburg,dc=de",
+  attributes: {
+    createtimestamp: "20200406114647Z",
+    creatorsname: "cn=admin,dc=ccfreiburg,dc=de",
+    dc: "ccfreiburg",
+    entrycsn: "20200406114647.018289Z#000000#000#000000",
+    entrydn: "dc=ccfreiburg,dc=de",
+    entryuuid: "0a0f7af6-0c48-103a-873b-5963809e173f",
+    hassubordinates: true,
+    modifiersname: "cn=admin,dc=ccfreiburg,dc=de",
+    modifytimestamp: "20200406114647Z",
+    o: "Calvary Chapel Freiburg",
+    objectclass: ["top", "organization"],
+    structuralobjectclass: "organization",
+    subschemasubentry: "cn=Subschema",
+  },
+};
+
+server.search("o=example", (req, res, next) => {
+  const obj = {
+    dn: "o=example",
+    attributes: {
+      objectclass: ["organization", "top", "dcObject"],
+      o: "example",
+      hasSubordinates: true,
+    },
+  };
+  if (req.filter.matches(obj.attributes)) res.send(obj);
+  res.end();
+});
+server.search("oc=top, cn=Subschema", (req, res, next) => {
+  const obj = {
+    dn: "oc=top, cn=Subschema",
+    attributes: {
+      parentTo: "all",
+    },
+  };
+  if (req.filter.matches(obj.attributes)) res.send(obj);
+  res.end();
+});
+
+server.search("", (req, res) => {
+  obj = rootobj;
+  if (req.filter.matches(obj.attributes)) res.send(obj);
+  res.end();
+});
+
+server.listen(1389, () => {
+  console.log("LDAP server listening at %s", server.url);
+});
+
+if (this.config.sites) {
+  Object.keys(this.config.sites).map((sitename) => {
+    var site = config.sites[sitename];
+    console.log(site + " Setting site config");
+  });
+}

package.json

@@ -0,0 +1,41 @@
+{
+  "name": "ctcaldap",
+  "version": "1.0.0",
+  "description": "ChurchTools LDAP Proxy",
+  "main": "index.js",
+  "scripts": {
+    "test": "mocha ./test/*.test.js",
+    "integration": "mocha ./test/*.integration.js"
+  },
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/AlexRoehm/ctcaldap.git"
+  },
+  "keywords": [
+    "ChurchTools",
+    "LDAP",
+    "Migration",
+    "NextCloud"
+  ],
+  "author": "Alex Röhm",
+  "license": "GPL-3.0-or-later",
+  "bugs": {
+    "url": "https://github.com/AlexRoehm/ctcaldap/issues"
+  },
+  "homepage": "https://github.com/AlexRoehm/ctcaldap#readme",
+  "devDependencies": {
+    "chai": "^4.3.4",
+    "mocha": "^8.3.2"
+  },
+  "dependencies": {
+    "axios": "^0.21.4",
+    "chai-as-promised": "^7.1.1",
+    "dotenv": "^16.0.2",
+    "extend": "^3.0.2",
+    "ini": "^2.0.0",
+    "ldap-escape": "^2.0.5",
+    "ldapjs": "^2.3.1",
+    "nyc": "^15.1.0",
+    "path": "^0.12.7"
+  }
+}

src/constants.js

@@ -0,0 +1,9 @@
+exports.API_SLUG = "api"
+exports.WHOAMI_AP = "/whoami?only_allow_authenticated=true"
+exports.CSRF_AP = "/csrftoken"
+exports.LOGIN_AP = "/login"
+exports.INFO_AP = "/info"
+exports.GROUPMEMBERS_AP = "/groups/members?with_deleted=false"
+exports.IDS = "&ids[]="
+exports.PERSONS_AP = "/persons"
+exports.LDAPID_FIELD = "ncuid"

src/ctapi.js

@@ -0,0 +1,55 @@
+const log = require("./logging");
+const c = require("./constants");
+const extend = require("extend");
+const axios = require("axios").default;
+
+
+exports.ChurchToolsError = (message) => {
+  err = new Error(message)
+  log.error(message);
+  err.name = "ChurchToolsError"
+  return err;
+}
+
+exports.ChurchToolsFatalError = (message) => {
+  err = new Error(message)
+  log.error(message);
+  err.name = "ChurchToolsFatalError"
+  return err;
+}
+
+uriTrailingSlash = (uri) => (uri.slice(-1) !== "/" ? uri + "/" : uri);
+
+
+exports.result = (result, success, failed) => {
+  if (result && result.hasOwnProperty("data")) {
+    if (success) success(result);
+    log.debug(JSON.stringify(result.data));
+    return result.data
+  } else if (result && result.hasOwnProperty("status") && result.status === "success") {
+    if (success) success(result);
+    log.debug(JSON.stringify(result.data));
+    return result.data
+  } else if (result && result.hasOwnProperty("message")) {
+    if (failed) failed();
+    throw this.ChurchToolsError(result.message);
+  } else if (result && result.hasOwnProperty("status") &&
+    [400, 401, 403, 404, 405, 500, 501, 502, 503, 504].includes(result.status)) {
+    if (failed) failed();
+    throw this.ChurchToolsError("No Session or connection problems");
+  } else {
+    log.error(JSON.stringify(result));
+    throw this.ChurchToolsFatalError("Unexpected Error");
+  }
+}
+
+exports.request = async (request, success, failed) => {
+  log.debug(JSON.stringify(request))
+  var result = {}
+  try {
+    result = await axios(request)
+  } catch (err) {
+    throw this.ChurchToolsError(err.message);
+  }
+  return this.result(result, success, failed)
+}